Hackers steal $6m from Russian bank via Swift
Hackers stole RUB 339.5 million ($6 million) from a Russian bank last year using Swift’s payments messaging system.
According to Reuters, which was the first to discover this, the Russian central bank disclosed the information on 16 February. Albeit, it was “buried at the bottom of a central bank report on digital thefts in the Russian banking sector”.
The central bank says it received information about “one successful attack on the work place of a Swift system operator” and “the volume of unsanctioned operations as a result of this attack amounted to RUB 339.5 million”.
Reuters says after the report’s publication, a central bank spokesman explained that hackers had taken control of a computer at a Russian bank and used the Swift system to transfer the money to their own accounts.
The spokesman declined to name the bank or provide further details. He quoted Artem Sychev, deputy head of the central bank’s security department, as saying this was “a common scheme”.
A spokeswoman for Swift told Reuters it does not comment on specific entities.
“When a case of potential fraud is reported to us, we offer our assistance to the affected user to help secure its environment,” adds the spokeswoman.
Swift says its own systems have never been compromised by hackers.
All these cyberattacks are not uncommon. In December, hackers attempted to steal RUB 55 million ($975,000) from Russian state bank Globex using Swift’s system.
As reported in 2016, Bangladesh Bank said a total of $101 million was “wrongly transmitted”, of which $20 million went to a Sri Lankan bank. This involved sending a series of requests for the New York Federal Reserve to transfer large tranches of money from its account there.
The NY Fed said at the time: “The payment instructions in question were fully authenticated by the Swift messaging system in accordance with standard authentication protocols.”
Also in 2016, Symantec found evidence that the Odinaff group mounted attacks on Swift users, using malware to hide customers’ own records of Swift messages relating to fraudulent transactions.
That was bad news for Swift but its fight back against these attacks has been extensive and ongoing. It has spoken strongly on the subject and unveiled SwiftSmart modules to help its customers operate their Swift environment “securely and in-line with best practice”.